1 This program is very simple. It is released under the GNU Affero GPL.

2 This program reads all pwent and group entries using the getpwent() and getgrent() functions. It parses each record as it reads it. When parsing, it spits out and LDIF record in a hopefully suitable ldif form for importing into an LDAP database like that of openLDAP.

3

4 Compiling:

5

6 Because of my inability to use autoconf, you _must_ pass the --prefix=/some/path argument to ./configure. For instance, I believe the default prefix configure comes up with is /usr/local. So you could call configure as follows:

7 ./configure --prefix=/usr/local

8 If you really trust me and want to install the package into your system using a package manager, you'd use

9 ./configure --prefix=/usr --sysconfdir=/etc

10

11 Using:

12 Please see the output of makeldif -h. Many of the arguments are required. You can fill you one arg at a time and run makeldif to see which args you might still want to fill out.

13

14 -rcfile:

15 The rcfile option should have no effect on the operation of makeldif ATM.

16

17 -kuser support:

18 To make use of kuser-formatted gecos fields, pass the -k option. makeldif will treat gecos fields without 3 commas normally, but ones containing 4 commas should be parsed in the same way kuser parses them. Currently, the email and fullname fields will be extracted and used.

19

20 Getting Help:

21 Please email me, see the AUTHORS file. In the future, http://ohnopublishing.net/~ohnobinki/makeldif/ may become a useful resource, but I wouldn't get my hopes up if I was myself.

22

23 TO DO:

24

25 *Support passwords

26 We have no shadow support or even support for passwords given us from the getpwent function (which is very unlikely to happen as most people using pwents use shadow). This is because that would require support for writing passwords. I think openLDAP can accept them verbatim in their hashed form - I shall have to see.

27

28 I want password support because I want to be able to set up users that let mit-krb-1.6.*, samba, postfix log in securely to an ldap server. If I support creating these users through makeldif, the potential laziness factor will be increased. Hopefully this will increase the number of people who successfully set up centralized authentication/directory-based servers.

29

30 *Improve Dynamic quality

31 The program only allows the changing of the base name, organization name, and organization description. If anyone wants to write their own schema with a different name than inetorgperson or wants to change the behavior of the program when it chooses to make an inetorgperson or to use another structural class, that person has to post-processing my output. In fact, generating LDIF from get{pw,gr}ent() is probably more easily done with sed programs processing the output of the getent command-line utility.

32

33 *Allow direct LDAP support

34 This program should be able to connect directly to an LDAP server and compare the database to the output from the getpwent() function, only synchronizing differences interactively chosen by user or from a rule-set specified. Maybe the ldif output can be more effectively produced using and LDAP library's support for such? Maybe in-program verification of schema compatibility can be made possible from direct interaction with LDAP library.